webaccess.duckdns.org
89.47.165.229  Malicious Activity! Public Scan

Submitted URL: http://webaccess.duckdns.org/dhl
Effective URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.a...
Submission Tags: @ipnigh
Submission: On August 23 via api from GB

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 38 HTTP transactions. The main IP is 89.47.165.229, located in Lithuania and belongs to RACKRAY UAB Rakrejus, LT. The main domain is webaccess.duckdns.org.
This is the only time webaccess.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

IP Address AS Autonomous System
2 24 89.47.165.229 62282 (RACKRAY U...)
1 2606:2800:234... 15133 (EDGECAST)
1 172.227.112.154 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
38 5
Requests | Apex Domain | Subdomains | Transfer
24 | duckdns.org | webaccess.duckdns.org | 442 KB
2 | google-analytics.com | www.google-analytics.com | 17 KB
1 | dhl.com | www.mydhl.dhl.com | 135 KB
1 | fonts.net | fast.fonts.net | 322 B
38 | 4
Domain Requested by
24 webaccess.duckdns.org 2 redirects webaccess.duckdns.org
2 www.google-analytics.com webaccess.duckdns.org
1 www.mydhl.dhl.com webaccess.duckdns.org
1 fast.fonts.net webaccess.duckdns.org
38 4

This site contains no links.

Subject | Issuer | Validity | Valid
www.mydhl.dhl.com | DigiCert SHA2 Secure Server CA | 2018-08-01 - 2020-01-30 | a year
*.google-analytics.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months

This page contains 8 frames:

Primary Page: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: 9CD4141C2CAF0D5BDE47BA2172535371
Requests: 31 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 171AE71A4F87912533659B2A52EE03AA
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 07862CA341D30E0B622A9AADB82496F6
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 4BF27B7BAF9381E566E4C9B6FD12455D
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: E4B4A04EAE2F554D6F19390F6598C0BC
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 1AF711E826F5493D6E9D24A4D1A96D64
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: 62A6F8B273E6DAA47A34CF9E97833D54
Requests: 1 HTTP requests in this frame

Frame: http://webaccess.duckdns.org/dhl/Files/video_921234.html
Frame ID: F9E264F67E5A0AFDC3A822184AADAE5E
Requests: 4 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 38
HTTPS: 8 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 593 kB
Size: 623 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://webaccess.duckdns.org/dhl HTTP 301
    http://webaccess.duckdns.org/dhl/ HTTP 302
    http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 32
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=623190397&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefined%271)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DHL%20%7C%20Global%20%7C%20English&utmhid=2061305318&utmr=-&utmp=smep_portal_page_login%2FShippingOptionsQueryController%2Fcom%2Fdhl%2Fsmep%2Fportlets%2FshippingOptionsQuery%2FenterShippingData.jsp&utmht=1566562380475&utmac=UA-37191247-1&utmcc=__utma%3D185562287.1765635795.1566562380.1566562380.1566562380.1%3B%2B__utmz%3D185562287.1566562380.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmu=qxSAAAAIAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=623190397&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefined%271)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DHL%20%7C%20Global%20%7C%20English&utmhid=2061305318&utmr=-&utmp=smep_portal_page_login%2FShippingOptionsQueryController%2Fcom%2Fdhl%2Fsmep%2Fportlets%2FshippingOptionsQuery%2FenterShippingData.jsp&utmht=1566562380475&utmac=UA-37191247-1&utmcc=__utma%3D185562287.1765635795.1566562380.1566562380.1566562380.1%3B%2B__utmz%3D185562287.1566562380.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmu=qxSAAAAIAAAAAAAAAAAAAAAE~

38 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request login.php
webaccess.duckdns.org/dhl/
Redirect Chain
  • http://webaccess.duckdns.org/dhl
  • http://webaccess.duckdns.org/dhl/
  • http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.asp...
22 KB
22 KB
Document
General
Full URL
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
e4a1ce994ce1004b1313c0b67bb411516a340a574e7ae965b40ab9b1f28c2789

Request headers

Host
webaccess.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 23 Aug 2019 12:12:59 GMT
Server
Apache
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 23 Aug 2019 12:12:59 GMT
Server
Apache
Location
login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
ga.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/ga.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
33393
1.css
fast.fonts.net/t/
0
322 B
Stylesheet
General
Full URL
http://fast.fonts.net/t/1.css?apiType=css&projectid=a3f6fe50-744f-4123-952d-600048fa8a7c
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:12:59 GMT
Last-Modified
Wed, 21 Feb 2018 12:55:22 GMT
Server
ECS (fcn/41AE)
Etag
"616070693"
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Accept-Ranges
bytes
Content-Length
0
Expires
Fri, 23 Aug 2019 12:12:59 GMT
layout.css
webaccess.duckdns.org/dhl/Files/
1 KB
1 KB
Stylesheet
General
Full URL
http://webaccess.duckdns.org/dhl/Files/layout.css
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
af7f14e6c8e65f74dac6afda27be4ce7512db2a778ec42c36f55a1ed363fc7d8

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"474-55a52fe311180"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1140
buttons.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/buttons.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
33393
util.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/util.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
33393
main.css
webaccess.duckdns.org/dhl/Files/
121 KB
121 KB
Stylesheet
General
Full URL
http://webaccess.duckdns.org/dhl/Files/main.css
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
69f3cd5711722de0b3ce814b2b51d01f60b0c270042659e9972c2b34265ad773

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"1e22b-55a52fe311180"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
123435
plugins.min.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/plugins.min.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
33393
jquery.js
webaccess.duckdns.org/dhl/Files/
0
0
Script
General
Full URL
http://webaccess.duckdns.org/dhl/Files/jquery.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
33393
dhl_logo_transparent.png
webaccess.duckdns.org/dhl/Files/
2 KB
2 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/dhl_logo_transparent.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
35b8eca53271516f3d66a3dd8f89e1366edb87adad26015424148de71dfcce46

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"794-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=85
Content-Length
1940
form_help.png
webaccess.duckdns.org/dhl/Files/
1 KB
2 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/form_help.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
77511e8beca58bc2e49bee41d5ad842b9da8c16370a36a15c2fe253b1fa79530

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"4f9-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=84
Content-Length
1273
mydhl_benefit_1.png
webaccess.duckdns.org/dhl/Files/
5 KB
5 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/mydhl_benefit_1.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
6b183a115aa27f57c515661c33997b1c96999981ac7e0534e4a46f1c19377c49

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"1485-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=83
Content-Length
5253
mydhl_benefit_2.png
webaccess.duckdns.org/dhl/Files/
4 KB
4 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/mydhl_benefit_2.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
baffd233b0f77bcc50519a65a1e06f71ce63a8f4109581939029021878b56f59

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"10ad-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=82
Content-Length
4269
mydhl_benefit_3.png
webaccess.duckdns.org/dhl/Files/
6 KB
7 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/mydhl_benefit_3.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
b3b3f72fefa8480eef99644b25181c2b18a91464466f24557ed598af68fee7dc

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"1970-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=81
Content-Length
6512
mydhl_benefit_4.png
webaccess.duckdns.org/dhl/Files/
5 KB
5 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/mydhl_benefit_4.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
3dbafdfa54ef76441f3f5e406264767885421889ccab69744e3f7d4226aebe9e

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"12cd-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
Content-Length
4813
mydhl_benefit_5.png
webaccess.duckdns.org/dhl/Files/
3 KB
3 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/mydhl_benefit_5.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
cba36ffea0e05b51840b73b915ec8bdc13f68e7f8ca88565fabca1baaf75a00c

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"bf6-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
3062
DHL_footer_logo.png
webaccess.duckdns.org/dhl/Files/
724 B
992 B
Image
General
Full URL
http://webaccess.duckdns.org/dhl/Files/DHL_footer_logo.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
38c387b0151772ae21faabbfed1281b46163aa484168d870440f82b64e736063

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"2d4-55a52fe311180"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=80
Content-Length
724
dhl-print.css
webaccess.duckdns.org/dhl/Files/
546 B
813 B
Stylesheet
General
Full URL
http://webaccess.duckdns.org/dhl/Files/dhl-print.css
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
e0556ca17eba8429f9d2d2b3997ff5d5386e350b3feed19347667de553a05110

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:01 GMT
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
Server
Apache
ETag
"222-55a52fe311180"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=77
Content-Length
546
mydhl_image_western-cultural.jpg
www.mydhl.dhl.com/content/dam/Local_Images/g0/express/mydhl/
134 KB
135 KB
Image
General
Full URL
https://www.mydhl.dhl.com/content/dam/Local_Images/g0/express/mydhl/mydhl_image_western-cultural.jpg
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.112.154 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-112-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9f6e2d3a6f15517380d4582c8770aee1ca0d29e53d5966aa6982c9f46a8c9efe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Jun 2019 20:08:30 GMT
ETag
"1826bc-2186e-58c1760386b80"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
s-maxage=172800, public, max-age=10800, max-age=172800
Date
Fri, 23 Aug 2019 12:13:00 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
137326
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Aug 2019 05:18:55 GMT
bg-header.png
webaccess.duckdns.org/dhl/images/
32 KB
32 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/images/bg-header.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
923af17a696678ea2d075ca1c037258b629dc5ab4cd2f0cb3de96dd59328592a

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
33393
shadow_navigation_main_bottom.png
webaccess.duckdns.org/dhl/images/
14 KB
14 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/images/shadow_navigation_main_bottom.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
c4cc8903ada12b36c2dd200b0247fe6731796a04cb48f8dc0573df2a27852160

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:01 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=79
Content-Length
33393
443d53e8-5a36-44d4-a132-02501f29ccb4.woff2
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

23c8fd07-fd70-4f71-8660-ee48fd5cdd78.woff2
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 171A
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 0786
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 4BF2
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame E4B4
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 1AF7
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame 62A6
0
0

video_921234.html
webaccess.duckdns.org/dhl/Files/ Frame F9E2
156 KB
156 KB
Document
General
Full URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
516ced1cfe81b07e87c82fa922a5ddfc8e342ce9b7ce68fc3ad2961a29ebd264

Request headers

Host
webaccess.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Server
Apache
Last-Modified
Fri, 29 Sep 2017 12:16:22 GMT
ETag
"26e7e-55a52fe311180"
Accept-Ranges
bytes
Content-Length
159358
Keep-Alive
timeout=5, max=90
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
icon-arrow-close.png
webaccess.duckdns.org/dhl/images/
33 KB
33 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/images/icon-arrow-close.png
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
b76821127423f9469cced9162d607ca799e63694ba7a851896c0a96a34ab2927

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:00 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
33393
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3607
date
Fri, 23 Aug 2019 11:12:53 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17168
expires
Fri, 23 Aug 2019 13:12:53 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
servicelink_separator.gif
webaccess.duckdns.org/dhl/images/
33 KB
33 KB
Image
General
Full URL
http://webaccess.duckdns.org/dhl/images/servicelink_separator.gif
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
HTTP/1.1
Security
, ,
Server
89.47.165.229 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
50f8.l.hostens.cloud
Software
Apache /
Resource Hash
b76821127423f9469cced9162d607ca799e63694ba7a851896c0a96a34ab2927

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 12:13:01 GMT
Last-Modified
Tue, 18 Jun 2019 14:32:04 GMT
Server
Apache
ETag
"8271-58b99fa03db69"
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=78
Content-Length
33393
__utm.gif
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=623190397&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefine...
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=623190397&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefin...
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=623190397&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefined%271)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DHL%20%7C%20Global%20%7C%20English&utmhid=2061305318&utmr=-&utmp=smep_portal_page_login%2FShippingOptionsQueryController%2Fcom%2Fdhl%2Fsmep%2Fportlets%2FshippingOptionsQuery%2FenterShippingData.jsp&utmht=1566562380475&utmac=UA-37191247-1&utmcc=__utma%3D185562287.1765635795.1566562380.1566562380.1566562380.1%3B%2B__utmz%3D185562287.1566562380.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmu=qxSAAAAIAAAAAAAAAAAAAAAE~
Requested by
Host: webaccess.duckdns.org
URL: http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://webaccess.duckdns.org/dhl/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 04:15:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
115066
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=623190397&utmhn=webaccess.duckdns.org&utme=8(accountStatus*countrySelectedByUser)9((attribute%20undefined%271*(attribute%20undefined%271)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=DHL%20%7C%20Global%20%7C%20English&utmhid=2061305318&utmr=-&utmp=smep_portal_page_login%2FShippingOptionsQueryController%2Fcom%2Fdhl%2Fsmep%2Fportlets%2FshippingOptionsQuery%2FenterShippingData.jsp&utmht=1566562380475&utmac=UA-37191247-1&utmcc=__utma%3D185562287.1765635795.1566562380.1566562380.1566562380.1%3B%2B__utmz%3D185562287.1566562380.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmu=qxSAAAAIAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
truncated
/ Frame F9E2
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e306705c996676db01f4072ed3d6f33d89089a848ab0b2a0ba07a2d866ec309f

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/video_921234.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F9E2
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3011fd16e43cd860b9782c4eafe77c1cc40da2e0f6e2e5ea547d98d6efac879

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/video_921234.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F9E2
155 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Referer
http://webaccess.duckdns.org/dhl/Files/video_921234.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
e934c7fe-0eba-45c0-be91-b05ff19b5073.woff
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

758b3adb-babc-432f-8224-6d5987a29d87.woff
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

a0db12d8-1ce6-447c-88db-a84df4843728.ttf
www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/443d53e8-5a36-44d4-a132-02501f29ccb4.woff2
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/23c8fd07-fd70-4f71-8660-ee48fd5cdd78.woff2
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
webaccess.duckdns.org
URL
http://webaccess.duckdns.org/dhl/Files/video_921234.html
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/e934c7fe-0eba-45c0-be91-b05ff19b5073.woff
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/758b3adb-babc-432f-8224-6d5987a29d87.woff
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/a4b36fb8-d470-4a09-87d7-70de08efeeaf.ttf
Domain
www.mydhl.dhl.com
URL
https://www.mydhl.dhl.com/mydhl/framework/skins/dhl/fonts/a0db12d8-1ce6-447c-88db-a84df4843728.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string | currentLanguage
string | calendarLanguage
string | contextPath
string | btnConfirmOk
string | btnConfirmCancel
string | linkMore
string | linkLess
string | dateFormatPattern
function | validate
object | _gaq
object | _gat
object | gaGlobal

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
